Front cover -- Contents -- Notices -- Trademarks -- Preface -- The team that wrote this redbook -- Become a published author -- Comments welcome -- Part 1 Security concepts introduced -- Chapter 1. Fundamentals of IT security -- 1.1 Introduction -- 1.1.1 Knowledge capital -- 1.1.2 The CSI/FBI Computer Crime and Security Survey -- 1.1.3 CERT figures -- 1.2 Important terminology -- 1.2.1 Computer system -- 1.2.2 Computer network -- 1.2.3 IT infrastructure -- 1.2.4 Computer security -- 1.2.5 Information classification -- 1.2.6 Information classification caveat -- 1.3 Computer security services -- 1.3.1 Data integrity -- 1.3.2 Confidentiality -- 1.3.3 Identification and authentication -- 1.3.4 Access control -- 1.3.5 Non-repudiation -- 1.4 Cryptographic techniques -- 1.4.1 Cryptography -- 1.4.2 Symmetric key algorithms -- 1.4.3 Asymmetric key algorithms -- 1.4.4 The hybrid algorithm -- 1.4.5 Digital signatures -- 1.4.6 Public key certificates -- 1.4.7 Public key cryptographic standard -- 1.5 Summary -- Chapter 2. Security methodologies -- 2.1 Approaches to IT security -- 2.1.1 Some definitions -- 2.1.2 Risk mitigation -- 2.1.3 The human element -- 2.1.4 Selecting a methodology -- 2.2 ISO17799 -- 2.2.1 Some history -- 2.2.2 What ISO 17799 contains -- 2.2.3 What ISO 17799 doesn't contain -- 2.3 Common Criteria (International Standard 15408) -- 2.4 Method for Architecting Secure Solutions (MASS) -- 2.4.1 Problem statement -- 2.4.2 Analysis -- 2.4.3 System model for security -- 2.4.4 Security subsystems -- 2.4.5 Developing security architectures -- 2.4.6 Business process model -- 2.4.7 Selection and enumeration of subsystems -- 2.4.8 Documenting a conceptual security architecture -- 2.4.9 Integrating security into the overall solution architecture -- 2.4.10 Use cases -- 2.4.11 MAAS Conclusions -- 2.5 The ISSL methodology.

2.5.1 Brief introduction to the methodology -- 2.5.2 Phase 1: Assess -- 2.5.3 Phase 2: Build -- 2.5.4 Phase 3: Manage -- 2.6 Summary -- Part 2 Building a secure infrastructure -- Chapter 3. Secure infrastructure requirements -- 3.1 The need for secure infrastructures -- 3.2 Infrastructure security requirements -- 3.2.1 Data confidentiality assurance -- 3.2.2 Data integrity assurance -- 3.3 Summary -- Chapter 4. Security components and layers -- 4.1 Infrastructure components -- 4.1.1 Firewall overview -- 4.1.2 Firewall products -- 4.1.3 Routers, switches, and hubs -- 4.1.4 Proxy servers -- 4.1.5 Intrusion detection systems -- 4.1.6 Enterprise access management and identity management systems -- 4.1.7 Application servers -- 4.2 Security architecture model -- 4.2.1 The DMZ model: a retrospective -- 4.2.2 The four zone model -- 4.2.3 Zone boundaries -- 4.2.4 Interzone connectivity: Data flow policies -- 4.2.5 Data access models -- 4.2.6 Data flow policies -- 4.3 Design validation -- 4.3.1 Data flow example -- 4.4 Summary -- Chapter 5. Proxies -- 5.1 Proxies defined -- 5.2 The proxy process -- 5.3 Types of proxies -- 5.3.1 Forward proxies -- 5.3.2 Transparent proxies -- 5.3.3 Caching proxies -- 5.3.4 Security proxies -- 5.3.5 Reverse proxies -- 5.4 Reverse proxies and Lotus technologies -- 5.4.1 Domino caching considerations -- 5.4.2 HTTP Methods required for Domino -- 5.4.3 URL mappings required for Domino and Domino-based products -- 5.5 Lotus Sametime 3.1 proxy support -- 5.5.1 Overview of Sametime 3.1 proxy support -- 5.5.2 Reverse proxy server requirements -- 5.5.3 Sametime limitations when using reverse proxy servers -- 5.5.4 SSL and client certification considerations and issues -- 5.5.5 Mapping rules on the reverse proxy server to support Sametime -- 5.5.6 Configuring Sametime 3.1 for reverse proxy support -- 5.6 General reverse proxy tips.

5.7 Summary -- Chapter 6. Public key infrastructures -- 6.1 The Notes PKI -- 6.1.1 Registration and certification -- 6.1.2 Certification hierarchies -- 6.1.3 Notes IDs -- 6.1.4 Notes passwords -- 6.1.5 The Domino Directory -- 6.1.6 The Domino domain -- 6.1.7 Certification hierarchies -- 6.1.8 Notes cross-certification -- 6.1.9 Authentication -- 6.1.10 Notes authentication -- 6.1.11 Data integrity with digital signatures -- 6.1.12 Confidentiality with encryption -- 6.1.13 Notes PKI summary -- 6.2 The Internet PKI -- 6.2.1 Internet standards -- 6.2.2 Components of a PKI -- 6.2.3 X.509 certificates -- 6.2.4 Web client authentication -- 6.2.5 Secure Sockets Layer -- 6.2.6 The Domino Certificate Authority -- 6.2.7 Secure Internet messaging -- 6.2.8 Secure messaging with PGP -- 6.2.9 Secure messaging with S/MIME -- 6.2.10 Using Lotus Notes 6 as an S/MIME client -- 6.3 Summary -- Chapter 7. Single sign-on -- 7.1 SSO methods -- 7.1.1 Single password or SSO -- 7.2 LTPA -- 7.2.1 Authentication -- 7.2.2 Access control -- 7.2.3 Troubleshooting LTPA issues -- 7.3 X.509 certificates -- 7.3.1 Authentication -- 7.3.2 Access control -- 7.4 DSAPI -- 7.4.1 Authentication -- 7.4.2 Access control -- 7.5 HTTP headers -- 7.5.1 Authentication -- 7.5.2 Access control -- 7.6 A single sign-on scenario -- 7.7 Summary -- Chapter 8. Directory strategies -- 8.1 Directory fundamentals -- 8.1.1 LDAP directories -- 8.2 Multiple directories -- 8.2.1 Authoritative sources -- 8.2.2 Points of control -- 8.2.3 Data management -- 8.3 Directory synchronization -- 8.3.1 Data sources -- 8.3.2 Object classes -- 8.3.3 Attributes -- 8.3.4 Attribute and record mapping -- 8.3.5 Data flows -- 8.3.6 Event-driven synchronization -- 8.3.7 Tools -- 8.4 Unified directory service -- 8.4.1 Account provisioning -- 8.4.2 Enterprise access controls -- 8.5 Summary -- Chapter 9. Server hardening.

9.1 Hardening fundamentals -- 9.1.1 Starting with the operating system -- 9.1.2 Protection and prevention tools -- 9.1.3 Hardening fundamentals summary -- 9.2 Operating system security -- 9.2.1 Operating system overview -- 9.2.2 Windows operating system weaknesses -- 9.2.3 Linux weaknesses -- 9.3 Hardening Windows (NT kernel-based) systems -- 9.3.1 Hardening Windows NT 4.0 -- 9.3.2 Hardening Windows 2000 -- 9.3.3 Windows workstation hardening -- 9.3.4 Further reading -- 9.4 Hardening UNIX systems -- 9.4.1 Common steps for hardening UNIX and Linux servers -- 9.4.2 Partitioning for protection -- 9.4.3 Disabling the extraneous inetd service -- 9.4.4 Installing and configuring tcp_wrappers -- 9.4.5 Tighten sendmail default options -- 9.4.6 Linux-specific tasks -- 9.4.7 Solaris-specific tasks -- 9.4.8 Tweaking the network configurations for security -- 9.4.9 Remote log server -- 9.5 Hardening the AIX operating system -- 9.5.1 Removing information from login screens -- 9.5.2 Strengthening user security -- 9.5.3 Defining access to the trusted communication path -- 9.5.4 Dealing with special situations -- 9.5.5 Enabling system auditing -- 9.5.6 Monitoring files, directories, and programs -- 9.5.7 Managing X11 and CDE concerns -- 9.5.8 Disabling unnecessary services -- 9.6 Summary -- Part 3 Security features of Lotus products -- Chapter 10. The Notes/Domino security model -- 10.1 Components of the Notes/Domino security model -- 10.2 Physical security -- 10.3 Logical security -- 10.3.1 Network security -- 10.3.2 Notes security -- 10.4 Conclusion -- Chapter 11. Domino/Notes 6 security features -- 11.1 Domino server security -- 11.1.1 User and server access to Domino servers -- 11.1.2 Administrator access -- 11.1.3 Web Administrator -- 11.1.4 Programmability restrictions -- 11.1.5 Policies and policy documents -- 11.1.6 Internet Site security.

11.1.7 Physical server security -- 11.2 HTTP server security -- 11.2.1 Domino Web Server API -- 11.2.2 HTTP server plug-ins -- 11.3 Service provider environment (xSP) -- 11.4 Roaming users -- 11.5 Domino certificate authority -- 11.5.1 Domino server-based certification authority -- 11.6 Directory services -- 11.6.1 Directory administration servers -- 11.6.2 Dedicated directory servers -- 11.6.3 Directory assistance -- 11.6.4 Extended access control lists -- 11.6.5 LDAP directories -- 11.7 Internet and Notes password synchronization -- 11.8 Notes ID recovery -- 11.9 Web client authentication -- 11.9.1 Name variation considerations -- 11.9.2 Multi-server session-based authentication (SSO) -- 11.9.3 Web users from secondary Domino and LDAP directories -- 11.9.4 Domino name mapping -- 11.10 Domino Password Checking -- 11.10.1 The Notes and Domino password checking system -- 11.10.2 Gaining access to a server and the process flow -- 11.10.3 Password checking events -- 11.10.4 More details -- 11.10.5 iNotes and password checking -- 11.11 Database access control lists (ACLs) -- 11.12 Mail security -- 11.12.1 Controlling spam -- 11.12.2 Mail policy management -- 11.13 Domino Off-Line Services -- 11.14 Notes client security -- 11.14.1 Smartcards -- 11.14.2 Execution Control Lists -- Chapter 12. Security features of other Lotus products -- 12.1 Lotus Team Workplace (QuickPlace) -- 12.1.1 QuickPlace and SSL -- 12.1.2 User directories -- 12.1.3 QuickPlace authentication -- 12.1.4 QuickPlace access control -- 12.1.5 Server settings in the administration place -- 12.2 Lotus Sametime -- 12.2.1 Securing the Sametime Connect client for desktops -- 12.2.2 Proxy support for Sametime clients -- 12.2.3 Securing the Sametime Java connect client -- 12.2.4 Securing the Sametime Meeting Room client -- 12.2.5 Securing the meeting server -- 12.3 Domino Web Access (iNotes).

12.3.1 Authentication.